﻿using System;
using System.Linq;
using System.Net;
using System.Web.Mvc;
using PhotoBlog.Core.Models;
using PhotoBlog.Core.Models.Blogs;
using PhotoBlog.Models.Users;

namespace PhotoBlog.Controllers
{
    [Authorize(Users = "admin")]
    public class BlogController : Controller
    {
        private readonly IBlogRepository blogRepository;
        private readonly IUserRepository userRepository;

        public BlogController(IBlogRepository blogRepository, IUserRepository userRepository)
        {
            this.blogRepository = blogRepository;
            this.userRepository = userRepository;
        }

        public ActionResult Index()
        {
            return RedirectToAction("List");
        }

        public ActionResult List()
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            var blogs = blogRepository.GetPosts(true).OrderByDescending(b => b.BlogId);
            return View(blogs.ToList());
        }

        public ActionResult Create()
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            var users = userRepository.GetUsers();
            ViewBag.UserId = new SelectList(users, "UserId", "Login");
            return View();
        }

        // POST: /Blog/Create
        // To protect from overposting attacks, please enable the specific properties you want to bind to, for 
        // more details see http://go.microsoft.com/fwlink/?LinkId=317598.
        [HttpPost]
        [ValidateAntiForgeryToken]
        [ValidateInput(false)]
        public ActionResult Create([Bind(Include = "BlogId,HeaderName,ContentText,UserId")] Blog blog)
        {
            var user = userRepository.GetUserByLogin(User.Identity.Name);
            var isAdmin = user.IsAdmin;
            if (!isAdmin)
            {
                return View("_Layout");
            }
            blog.DatePublish = DateTime.Now;
            blog.Hide = true;
            blog.UserId = user.UserId;
            if (ModelState.IsValid)
            {
                blogRepository.Add(blog);
                return RedirectToAction("Home", "Posts", new { id = blog.BlogId });
            }
            var users = userRepository.GetUsers();
            ViewBag.UserId = new SelectList(users, "UserId", "Login", blog.UserId);
            return View(blog);
        }

        public ActionResult Edit(int? id)
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }
            var blog = blogRepository.Find(id.Value);
            if (blog == null)
            {
                return HttpNotFound();
            }
            var users = userRepository.GetUsers();
            ViewBag.UserId = new SelectList(users, "UserId", "Login", blog.UserId);
            return View(blog);
        }

        // POST: /Blog/Edit/5
        // To protect from overposting attacks, please enable the specific properties you want to bind to, for 
        // more details see http://go.microsoft.com/fwlink/?LinkId=317598.
        [HttpPost]
        [ValidateAntiForgeryToken]
        [ValidateInput(false)]
        public ActionResult Edit([Bind(Include = "BlogId,HeaderName,ContentText,UserId,DatePublish, Hide")] Blog blog)
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            if (ModelState.IsValid)
            {
                blogRepository.Save(blog);
                return RedirectToAction("Home", "Posts", new { id = blog.BlogId });
            }
            var users = userRepository.GetUsers();
            ViewBag.UserId = new SelectList(users, "UserId", "Login", blog.UserId);
            return View(blog);
        }

        public ActionResult Delete(int? id)
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            if (id == null)
            {
                return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
            }
            var blog = blogRepository.Find(id.Value);
            if (blog == null)
            {
                return HttpNotFound();
            }
            return View(blog);
        }

        [HttpPost, ActionName("Delete")]
        [ValidateAntiForgeryToken]
        public ActionResult DeleteConfirmed(int id)
        {
            var isAdmin = userRepository.UserIsAdmin(User.Identity.Name);
            if (!isAdmin)
            {
                return View("_Layout");
            }
            blogRepository.Delete(id);
            return RedirectToAction("List");
        }
    }
}
